Today, I’ve been working on getting ProFTPd to play nice with OpenLDAP for authentication. There are a couple of options here. I can use the mod_ldap contribution that comes with ProFTPd, or I can install the PAM module for Solaris.
Right now, I’m leaning towards the PAM module. This would enable me to do authentication on all UNIX accounts using LDAP — and I could admin the accounts for all Unix boxes and FTP from one place. If a user changed their password on one box, it would change everywhere.
The Novell Admin here showed me that Novell has exposed an LDAP interface for their NDS, and that would be the ideal thing: let everyone use their Novell passwords to log in.
It isn’t that easy, though. The FTP servers have to allow some people to log in who are not local.
So, right now, I’m thinking of putting an LDAP server on each box and have them all replicate from a single one.